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1 "20. A method for protecting the processing of sensitive information in a 

2 security module having a monolithic structure, information processing means 

3 (31) and storage means for storing (32,33) information capable of being 

4 processed by said processing means, comprising the following steps: 

5 - selecting a piece of sensitive information stored in the storage means; 

6 - determining a specific condition for the integrity of said information; 

7 - reading the information and transmitting it to the processing means for 

8 processing; 

9 - processing the information and verifying during processing that the 
5 10 specific condition is satisfied; and 

.™ 11 - disabling processing of the information if the specific condition is not 

A^l2 satisfied. 

^^^1 21 . The method according to claim 20, wherein the information is an 

O 2 operation code read in the storage means (32, 33), the operation code being 

m 3 contained in a table having a content determined during the manufacture of the 

!2 4 security module, and the specific condition for the integrity of the information 

M 5 being the value of the information is equal to one of several set values. 



1 22. The method according to claim 21 , wherein the operation code to 

2 be processed is coded in the form of data bits and said bits do not all have the 

3 same binary value. 

1 23. The method according to claim 20, wherein the specific step of 

2 determining the condition for the integrity of said information comprises checking 

3 a calculated or first piece of integrity data using the information read in the 

4 storage means (32, 33) during the reading of the information and transmitting the 

5 first piece of integrity data to the processing means, and calculating a second 

6 piece of integrity data by the processing means from the information received 

7 and checking for equality between the first and second pieces of integrity data. 
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1 24. The method according to claim 23, wherein the first piece of 

2 integrity data is calculated from at least one piece of calculation data whose 

3 value varies as a function of time. 

1 25. The method according to claim 23, wherein the first piece of 

2 integrity data is calculated from at least one piece of calculation data whose 

3 value varies randomly. 

1 26. The method according to claim 20, wherein the disabling of the 

2 processing of the information is performed by a microprogrammed instruction. 

1 27. The method according to claim 26, wherein the microprogrammed 

^ instruction performs the following steps: 

3 - writing a piece of disable data into a nonvolatile location of the storage 

4 means (32, 33); and 

5 - disabling the processing of the information, 

1 28. The method according to claim 27 further comprising reading by 

2 the processing means (31) a nonvolatile location of the storage means (32, 33) 

3 upon power up of said module and disabling the module if a value read at this 

4 location does not match. 

1 29. A security module comprising an electronic circuit having a 

2 monolithic structure and comprising information processing means (31) and 

3 information storage means (32, 33), means for extracting information from the 

4 storage means and means for selecting information to be processed, the 

5 processing means further comprising means for verifying a specific integrity 

6 condition of a piece of sensitive information, and means for disabling the 

7 processing of the information, said means for disabling being activated when the 

8 means for verification have detected that the specific condition is not satisfied. 



TYSO01 :91 29763vOrT21 46-90681 7I02\1 4\01 



4 



T21 46-906833-US3830/BC(PCT) 

1 30. A security module according to claim 29, wherein the processing 

2 means (31) execute instructions corresponding to operation codes extracted 

3 from a table, characterized in that the table comprises a forbidden instruction 

4 value. 

1 31 . A security module according to claim 30, wherein the operation 

2 code to be processed is coded in the form of data bits, the security module 

3 comprising a means for reading the values of all the bits and a disabling means 

4 activated when the values of the bits are all identical. 

Yl 32. A security module according to claim 29, wherein the processing 

^ 2 means (31) execute instructions corresponding to operation codes extracted 

Lj 3 from a table, the security module comprising a means for reading an operation 

^ 4 code and a disabling means activated during the reading of a forbidden 

y ^ 

m 5 operation code. 

1 33. A security module according to claim 32, wherein the disabling 

m 2 means comprise a means for irreversibly writing an indicator into the storage 

^ 3 means (32, 33), and a means for reading said indicator during the next power-up 

4 of the module. 



1 34. A security module according to claim 29, comprising parity 

2 generators (7, 8) cooperating with the storage means, parity generators (11) 

3 cooperating with the processing means, and a comparator connected to each of 

4 the parity generators and capable of inducing an interrupt in the processing 

5 means. 



1 35. A security module according to claim 34, wherein the operation of 

2 the parity generators (7, 8) varies as a function of time. 



1 



36. A security module according to claim 34, wherein the operation of 
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the parity generators (7, 8) varies randomly. 

37 A security module according to claim 33, characterized in that the 
irreversible writing of the indicator into the storage means (32, 33) is performed 
by executing a microprogrammed instruction. 

38. A security module according to claim 29, characterized in that the 
security module is a microcircuit card.-- 
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